<?php
	include_once("global_modules.php");
	
	/**
	 * This function get the list of users.
	 * @param $filter Array containing ids to be searched.
	 * @return Array containing a list of users where each user has id, username, name, email, public key and admin, enable flags.
	 */
	function get_users($filter=NULL){
		$connection = database_connect();
		
		$query = database_query($connection, "SELECT * FROM \"user\"");
		
		$user_list = array();
		$row = 0;
		while($results = database_fetch_object($query, $row)){
			$user_list[] = array(
								'id' => $results->id,
								'username' => $results->username,
								'name' => $results->name,
								'email' => $results->email,
								'public_key' => $results->public_key,
								'enable' => $results->enable,
								'admin' => $results->admin
							);
			$row++;
		}
		
		database_close($connection);
		
		if($filter != NULL && is_array($filter))
			$user_list = filter_LS_list($filter, $user_list);
		
		return $user_list;
	}
	
	/**
	 * This function add a new user in database.
	 * @param $user_data Array containing the username, password, name and email from the new user.
     * @return Integer containing the id of a new user when the user was successfully added or boolean FALSE when not.
	 */
	function add_user($user_data){
		$query_fields = "";
		$query_values = "";
		
		$fields = array('username','email','password','name','gidnumber','homedirectory');
		for($i=0; $i < count($user_data); $i++){
			$array_key_name = array_keys($user_data)[$i];
			
			if(in_array($array_key_name, $fields)){
				$query_fields .= " ".$array_key_name.",";
				
				if($array_key_name == 'password'){
					$crypted_password = md5crypt($user_data[''.$array_key_name.'']);
					$query_values .= " '".$crypted_password."',";
				}else
					$query_values .= " '".$user_data[''.$array_key_name.'']."',";
			}
		}
		
		if(empty($query_fields) || empty($query_values))
			return FALSE;
			
		if($query_fields{strlen($query_fields)-1} == ',')
			$query_fields = substr($query_fields, 0, strlen($query_fields)-1);
			
		if($query_fields{0} == ' ')
			$query_fields = substr($query_fields, 1, strlen($query_fields)-1);
		
		if($query_values{strlen($query_values)-1} == ',')
			$query_values = substr($query_values, 0, strlen($query_values)-1);
			
		if($query_values{0} == ' ')
			$query_values = substr($query_values, 1, strlen($query_values)-1);
		
		$connection = database_connect();
		
		$query = "INSERT INTO \"user\" (".$query_fields.") VALUES (".$query_values.")";
		$user_insert = database_query($connection, $query);
		
		$query_user_id = database_query($connection, "SELECT id FROM \"user\" ORDER BY id DESC LIMIT 1");
		$user_id = database_fetch_object($query_user_id);
		$user_id = $user_id->id;
        
		database_close($connection);
		
		if($user_insert)
			return $user_id;
		else
			return FALSE;
	}
	
	/**
	 * This function add a new public key for the especified user.
	 * @param $user_id Integer containing the user id.
	 * @param $public_key String containing the new key to be added from the user.
	 * @return boolean TRUE when the key was successfully added or FALSE when not.
	 */
	function add_user_public_key($user_id, $public_key){
		$connection = database_connect();
		
		$query = "UPDATE \"user\" SET public_key = '".$public_key."' WHERE id = ".$user_id."";
		$alter_key = database_query($connection, $query);

		database_close($connection);
		
		if($alter_key)
			return TRUE;
		else
			return FALSE;
	}
	
	/**
	 * This function remove a user.
	 * @param $user_id Integer containing the id of the user to be removed.
	 * @return boolean TRUE when the user was successfully removed or FALSE when not.
	 */
	function delete_user($user_id){
		$connection = database_connect();
		
		$query = "DELETE FROM \"user\" WHERE id = ".$user_id."";
		$remove_user = database_query($connection, $query);
		
		database_close($connection);
		
		if($remove_user)
			return TRUE;
		else
			return FALSE;
	}

	/**
	 * This function remove a public_key from the user.
	 * @param $user_id Integer containing the id of the user.
	 * @return boolean TRUE when the user public_key was successfully removed or FALSE when not.
	 */
	function delete_user_public_key($user_id){
		$connection = database_connect();
		
		$query = "UPDATE \"user\" set public_key = NULL WHERE id = ".$user_id."";
		$delete_key = database_query($connection, $query);

		database_close($connection);
		
		if($delete_key)
			return TRUE;
		else
			return FALSE;
	}
	
	/**
	 * This function update the user data (Name and email).
	 * @param $user_id Integer containing the id of the user to be updated.
	 * @param $new_user_data Array containing the new user data (['name'], ['email'], ['password'], ['enable'] and ['admin']).
	 * @return boolean TRUE when the user was successfully updated or FALSE when not.
	 */
	function update_user($user_id, $new_user_data){
		$query_update_part = "";
		
		$fields = array('name','email','password','enable','admin');
		for($i=0; $i < count($new_user_data); $i++){
			$array_key_name = array_keys($new_user_data)[$i];
			
			if(in_array($array_key_name, $fields)){
				if($array_key_name == 'password'){
					$new_crypted_password = md5crypt($new_user_data[''.$array_key_name.'']);
					$query_update_part .= " ".$array_key_name." = '".$new_crypted_password."',";
				}else
					$query_update_part .= " ".$array_key_name." = '".$new_user_data[''.$array_key_name.'']."',";
			}
		}
		
		if(empty($query_update_part))
			return FALSE;
			
		if($query_update_part{strlen($query_update_part)-1} == ',')
			$query_update_part = substr($query_update_part, 0, strlen($query_update_part)-1);
			
		if($query_update_part{0} == ' ')
			$query_update_part = substr($query_update_part, 1, strlen($query_update_part)-1);
		
		$connection = database_connect();
		
		$query = "UPDATE \"user\" set ".$query_update_part." WHERE id = ".$user_id."";
		$update_user_data = database_query($connection, $query);

		database_close($connection);
		
		if($update_user_data)
			return TRUE;
		else
			return FALSE;
	}
	
	/**
	 * This function authenticate the user (username and password)
	 * @param $username String containing the username.
	 * @param $password String containing the password.
	 * @return Integer containing the user id when the authentication was successful, or Boolean false when not.
	 */
	function authenticate_user($username, $password){
		$connection = database_connect();
		
		$query = "SELECT password FROM \"user\" WHERE username = '".$username."'";
		$get_salt = database_query($connection, $query);
		
		if(database_num_rows($get_salt) != 1)
			return FALSE;
			
		$user_pass = database_fetch_object($get_salt);

		$salt = substr($user_pass->password, 7, 12);
		$crypted_password = md5crypt($password, $salt);
		
		$query = "SELECT id FROM \"user\" WHERE username = '".$username."' and password = '".$crypted_password."'";
		$select_user = database_query($connection, $query);
		
		if(database_num_rows($select_user) != 1)
			return FALSE;
		else{
			$user_id = database_fetch_object($select_user);
			return $user_id->id;
		}
		
		database_close($connection);
	}
	
	/**
	 * This function get the id of user.
	 * @param $username String containing the username.
	 * @return Integer containing the user id.
	 */
	function get_user_id_by_username($username){
		$connection = database_connect();
		
		$query = "SELECT id FROM \"user\" WHERE username = '".$username."'";
		$select_user = database_query($connection, $query);
		
		if(database_num_rows($select_user) != 1)
			return FALSE;
		else{
			$user_id = database_fetch_object($select_user);
			return $user_id->id;
		}
		
		database_close($connection);
	}
?>
